WhiteSource scan (#2845)

saberduck · web-flow · commit e1086ff30655 · 2021-11-11T17:14:53.000+01:00
diff --git a/.cirrus.yml b/.cirrus.yml
@@ -82,6 +82,30 @@ build_win_task:
     - mvn.cmd -s /c/buildTools-docker/settings-public.xml test
   cleanup_before_cache_script: cleanup_maven_repository
 
+ws_scan_task:
+  depends_on:
+    - build
+  gke_container:
+    dockerfile: .cirrus/nodejs-12.Dockerfile
+    <<: *CONTAINER_DEFINITION
+    cpu: 4
+    memory: 8G
+  # run only on master and long-term branches
+  only_if: $CIRRUS_USER_COLLABORATOR == 'true' && ($CIRRUS_BRANCH == "master" || $CIRRUS_BRANCH =~ "branch-.*")
+  env:
+    WS_APIKEY: ENCRYPTED[!3929c6148b9dfc751a2d17c590b15d755f82cd9c108f2de5f24a5b32f2a0c26144e921fab7e2c959fc2824d6d6d1550d!]
+  maven_cache:
+    folder: ${CIRRUS_WORKING_DIR}/.m2/repository
+  whitesource_script:
+    - source cirrus-env QA
+    - source set_maven_build_version $BUILD_NUMBER
+    - mvn clean install -DskipTests
+    - source ws_scan.sh
+  allow_failures: "true"
+  always:
+    ws_artifacts:
+      path: "whitesource/**/*"
+
 plugin_qa_task:
   depends_on:
     - build
@@ -182,6 +206,7 @@ ruling_task:
 
 promote_task:
   depends_on:
+    - ws_scan
     - build_win
     - plugin_qa
     - plugin_qa_win
diff --git a/.cirrus/nodejs-12.Dockerfile b/.cirrus/nodejs-12.Dockerfile
@@ -2,7 +2,7 @@ FROM gcr.io/language-team/base:latest
 
 USER root
 
-ENV NODE_VERSION v12.20.1
+ENV NODE_VERSION v12.22.7
 
 RUN  wget -U "nodejs" -q -O nodejs.tar.xz https://nodejs.org/dist/${NODE_VERSION}/node-${NODE_VERSION}-linux-x64.tar.xz \
     && tar -xJf "nodejs.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \
diff --git a/wss-unified-agent.config b/wss-unified-agent.config
@@ -0,0 +1,23 @@
+# WhiteSource documentation https://whitesource.atlassian.net/wiki/spaces/WD/pages/1544880156/Unified+Agent+Configuration+Parameters
+
+excludes=**/*sources.jar **/*javadoc.jar **/its/plugin/projects/** eslint-bridge/tests/**
+fileSystemScan=False
+resolveAllDependencies=False
+
+maven.aggregateModules=True
+maven.downloadMissingDependencies=False
+maven.m2RepositoryPath=.m2/repository
+maven.resolveDependencies=True
+maven.runPreStep=False
+
+npm.includeDevDependencies=True
+npm.resolveDependencies=True
+npm.resolveLockFile=False
+npm.runPreStep=False
+npm.yarnProject=True
+
+wss.url=https://saas-eu.whitesourcesoftware.com/agent
+
+forceUpdate=true
+checkPolicies=true
+forceUpdate.failBuildOnPolicyViolation=true
